科技回声

11 条评论

NicoJuicy超过 1 年前

This was only one part of the story?1. Vercel shipping Indie hackers projects ( their customers) as "app templates" as a host, for marketing purpose<a href="https://twitter.com/nico_jeannen/status/1712749652133683632?t=oAcu_ZnC9Zqc_GBjibeb4g&s=19" rel="nofollow noreferrer">https://twitter.com/nico_jeannen/status/1712749652133683632?...</a>2. The mentioned infringement of a Vercel employee, mentioned here ( he seems to be fired)<a href="https://twitter.com/nico_jeannen/status/1713139186474406206?t=4O_HTGKSkZY6pok46xcRdQ&s=19" rel="nofollow noreferrer">https://twitter.com/nico_jeannen/status/1713139186474406206?...</a>3. Very broad ToS -> Vercel may delete your app for no reason at all<a href="https://twitter.com/bk_7312/status/1713197808264839479?t=h1TeEZlsjv3KbmAL0DVKSw&s=19" rel="nofollow noreferrer">https://twitter.com/bk_7312/status/1713197808264839479?t=h1T...</a>

koopuluri超过 1 年前

This is really concerning.This combined with their marketing strategy of copying popular indie products and turning them into NextJS templates creates paranoia in the minds of builders who trust Vercel with their codebases, analytics, and often even their data (via Vercel's storage products).It seems that an enterprising Vercel employee has a goldmine of data to help inform their next "side project".

评论 #37887385 未加载

hubraumhugo超过 1 年前

> Employees can easily access the user's data and impersonate any accountAt every decent sized company I've worked for, topics like production data privileges, data classification (public, sensitive, confidential, etc.), data masking, and data anonymization for testing have been top priorities. And these policies are sometimes a true pain in the ass for developers, but they exist for a good reason.I guess you shouldn't miss the timing to go from "move fast and break things" to "ok we're now a serious business".

评论 #37887387 未加载

评论 #37887531 未加载

hipadev23超过 1 年前

Isn't this like the 5th or 6th time Vercel accessed private information from customers to launch a competitive service and/or shutdown the customer?Is there some tech incubator clause buried in their TOS and this is all okay?

评论 #37887399 未加载

jlund-molfese超过 1 年前

More context: <a href="https://twitter.com/nico_jeannen/status/1713139186474406206" rel="nofollow noreferrer">https://twitter.com/nico_jeannen/status/1713139186474406206</a>

lloydatkinson超过 1 年前

Vercel is rapidly turning into a scourge in the open source world. Their strong coupling to React is also worrying, they are already trying to influence future React features for their NextJS framework.

评论 #37893663 未加载

mdhb超过 1 年前

Add it to the long list of evidence that Vercel is a shady af company who shouldn’t be trusted.

评论 #37887520 未加载

throwaway290超过 1 年前

Tangentially, who else misses the time when React was just a side project by FB? Increasingly it seems to be led by Vercel who makes profit from React-based solutions.

评论 #37887282 未加载

评论 #37887266 未加载

评论 #37887576 未加载

评论 #37887211 未加载

pc_edwin超过 1 年前

> The employee did not have access to any source code, secrets, or the ability to change settings or deployments.We are talking about an employee who has access to the customers personal information as part of their job doing something unethical.I would be extremely surprised if Vercel didn't have industry systems and practices in place for security.This is an edge case which can only be avoided by building Google-esque systems and practices. I don't think you guys really understand what your asking for here.This will cripple them in so many ways, it makes so much more sense delay it as long as possible. Not because they can save a bit of money, but because they UX will fall of a cliff, feature velocity will ground to a halt and the product will drift further away from stuff we really want.

osbulbul超过 1 年前

Well, I already don't like vercel and just sign up to test couple of things. But after I read this, I am going to delete my test account.

jatins超过 1 年前

In my experience at early stages of a company data ACLs are often the last priority for companies. People are rewarded for shipping things that can get a mention in company's next board deck, and "added ACLs to our Postgres" never got a mention in a board deck.I am sure a half motivated employee at your favorite cab service could see which addresses you frequently commuted to in first few years of that service's existence

评论 #37889919 未加载

11 条评论

NicoJuicy超过 1 年前

koopuluri超过 1 年前

评论 #37887385 未加载

hubraumhugo超过 1 年前

评论 #37887387 未加载

评论 #37887531 未加载

hipadev23超过 1 年前

评论 #37887399 未加载

jlund-molfese超过 1 年前

More context: <a href="https://twitter.com/nico_jeannen/status/1713139186474406206" rel="nofollow noreferrer">https://twitter.com/nico_jeannen/status/1713139186474406206</a>

lloydatkinson超过 1 年前

评论 #37893663 未加载

mdhb超过 1 年前

Add it to the long list of evidence that Vercel is a shady af company who shouldn’t be trusted.

评论 #37887520 未加载

throwaway290超过 1 年前

Tangentially, who else misses the time when React was just a side project by FB? Increasingly it seems to be led by Vercel who makes profit from React-based solutions.

评论 #37887282 未加载

评论 #37887266 未加载

评论 #37887576 未加载

评论 #37887211 未加载

pc_edwin超过 1 年前

osbulbul超过 1 年前

Well, I already don't like vercel and just sign up to test couple of things. But after I read this, I am going to delete my test account.

jatins超过 1 年前

评论 #37889919 未加载

Vercel employee used customer information to pursue a personal trademark matter

11 条评论

Vercel employee used customer information to pursue a personal trademark matter

11 条评论